Secure bootstrap usually uses an integrity measurement scheme to verify code or data before it is loaded into memory. On the traditional PC (Personal Computer) architecture, this method has difficulty protecting the security of system software, and of applications especially. This paper studies the different components running on a system and divides them into two kinds of TCB (Trusted Computing Base): HTCB (Hardware TCB) and STCB (Software TCB). Combining technologies such as VM (Virtual Machine), integrity measurement and sealed storage, the prototype binds the STCB to the HTCB so that the chain of trust can be extended from the hardware layer to the system software layer. Lastly, the detailed implementation methods for the prototype are given.